Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

ICE AIMBOT.exe

windows7-x64

7

ICE AIMBOT.exe

windows10-2004-x64

9

discord_to...er.pyc

windows7-x64

3

discord_to...er.pyc

windows10-2004-x64

3

get_cookies.pyc

windows7-x64

3

get_cookies.pyc

windows10-2004-x64

3

misc.pyc

windows7-x64

3

misc.pyc

windows10-2004-x64

3

passwords_grabber.pyc

windows7-x64

3

passwords_grabber.pyc

windows10-2004-x64

3

source_prepared.pyc

windows7-x64

3

source_prepared.pyc

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    11/07/2024, 20:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ICE AIMBOT.exe

  • Size

    76.7MB

  • MD5

    88b185ea4b3c370a398def68750704a2

  • SHA1

    37d04786aac5e491355550598a6f41d340f753b8

  • SHA256

    e95cd0aef8dba18b6b85f1899f34c5cfee7f8625557447af247dc895cbd24da5

  • SHA512

    b4141151875ff18da04080db4ddae63ee95304c41ed56a046bf5022d1ebc248129d288cc660624e2087c0a37ac52f63ae446cf6a76c946d170bf1ee44e4fe9bf

  • SSDEEP

    1572864:evHcRl0Sk8IpG7V+VPhqYdfME7FFlHFziYweyJulZUdgAdW4vjwux3a/Z9U:evHcR+SkB05awcfhdCpukdR7t49U

Score
7/10
upx

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ICE AIMBOT.exe
    "C:\Users\Admin\AppData\Local\Temp\ICE AIMBOT.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3028
    • C:\Users\Admin\AppData\Local\Temp\ICE AIMBOT.exe
      "C:\Users\Admin\AppData\Local\Temp\ICE AIMBOT.exe"
      2⤵
      • Loads dropped DLL
      PID:1720

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI30282\python312.dll
    Filesize

    1.7MB

    MD5

    506c760a20e6bb940590229d41449ffa

    SHA1

    b7c439f253987fb0ff66fc5ce959cf711b18eb8d

    SHA256

    e63503b2715df3eab8abb9b2682129e27a7add9acea9008f06f55494a2b2f3d5

    SHA512

    34df2e8e53caac0cd72cb3c5848296ca8cfa10c542c0a5f88385d6b35ab70b86957540de2ff105a27cefb37ccbb5789261a69132b535a857df32875c1f9deb9e

    Download Submit

  • memory/1720-1254-0x000007FEF5FB0000-0x000007FEF6674000-memory.dmp

    Filesize

    6.8MB

    Download